<?php
	include_once("./public/common.php");
	include_once("./public/verify.php");
	$newVer=urldecode(getPOSTPara('newVer'));
	
	$verNewVer=urldecode(getPOSTPara('verNewVer'));
	$newUid=urldecode(getPOSTPara('newUid'));
	$uid = specialDecode($newUid,$newVer);
	
	$password = getPOSTPara('password');
	$passwordAgain = getPOSTPara('passwordAgain');
	

	
	echo "uid:";
	echo $uid;
	if(simpleVerify($newVer,$verNewVer) == false){
		echo "fail to verify";
		return ;
	}
	if(empty($uid) || $password == NULL || $passwordAgain == NULL){
		
		echo "parameter not enough";
		return ;
	}
	if(strcmp($password,$passwordAgain) != 0){
	
		echo "password not equal";
		return ;	
	}
	include_once("./public/opDB.php");
	$sql = 'UPDATE `phctrl`.`user` SET `password` = \''.$password.'\' WHERE `user`.`uid` = '.$uid.' LIMIT 1;';
	$res = mysql_query($sql) or die('fail to update');
	
	mysql_close($con);	
	if($res){
		echo "change password ok!";	
	}
	
	
	echo "<h1>(～￣▽￣)～ change password success</h1><br/>";
	echo 'you will be back in 1 seconds......<br />';
	echo '<meta http-equiv="Refresh" content="1;url=http://127.0.0.1:8080/phctrl">';
	echo 'if not return , click here<p></p>';
	echo '<a href="http://127.0.0.1:8080/phctrl">return</a>';

?>